Searching PAJ 



1/2 s<—is 



PATENT ABSTRACTS OF JAPAN 



(1 1 publication number : 2000-1 72648 

(43)Date of publication of application : 23.06.2000 



(51)IntCI. 


G06F 


15/00 


G09C 


1/00 




G09C 


5/00 



(21) Application number : 10-351032 (71)Applicant : NIPPON TELEGR & TELEPH CORP 

<NTT> 

(22) Date of filing : 10.12.1998 (72)Inventor : TANAKA KIYOTO 

YAMANAKA KIYOSHI 
TOMONO AKIRA 
KUBOTA YUKIHIRO 
HIDAKATOMOKO 
MATSUTANI SHOJI 



(54) DEVICE AND METHOD FOR PROTECTING DIGITAL INFORMATION AND STORAGE 
MEDIUM WITH DIGITAL INFORMATION PROTECTION PROGRAM RECORDED THEREIN 

(57)Abstract: 

PROBLEM TO BE SOLVED: To appropriately protect 
the copyright of digital contents. 

SOLUTION: At a distribution server 2, information such 
as kinds of enciphered digital contents and date of 
preparation is embedded in these contents by an 
electronic watermark style so as not to be easily 
discriminated and not to be easily separated by the third 
person, and distributed to a user 3 as enciphered 
contents 4. The user extracts the information, such as 
the kind of contents and the date of preparation by a 
program, which is described in an intermediate language 
form which does not depend on a device, for interpreting 
and executing the electronic watermark information, 
applies a digital signature to this information, outputs a 
request 5 to the distribution server 2 and deciphers the 
enciphered digital contents while using deciphered 
information 6 from the distribution server 2 which 
verifies this request. 
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* NOTICES * 

JPO and NCIPI are not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect the original 
precisely. 

2. **** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



CLAIMS 



[Claim(s)] 

[Claim 1] The server which enciphers and distributes digital information, such as an image and 
voice, and the user terminal which decodes the this enciphered digital information and performs 
various processings are the digital information protective devices in the system which it comes 
to connect through a network. A server The means which embeds the class of enciphered digital 
information etc. as digital-watermarking information at the this enciphered digital information, It 
is described in an intermediate-language format and has a means to prepare the executive 
program for interpreting and performing said embedded digital-watermarking information. A user 
terminal From a means to download said executive program from a server, and the digital- 
watermarking information embedded by said downloaded executive program at said enciphered 
digital information The class of the means which takes out the class of said enciphered digital 
information etc., and said enciphered digital information in the taken-out information etc., A 
digital signature is given with the private key of a public key cryptosystem to a user's identifier 
and the digital certificate of a self-signature format It has a means to transmit such information 
to a server through a network. Moreover, a server The digital signature in the information which 
it was transmitted from the user terminal and received is verified. The encryption key used in 
order to encipher digital information, if a verification result is right The digital information 
protective device characterized by having a means to give a digital signature while enciphering 
with the public key of a user's public key cryptosystem contained in the digital certificate in said 
received information, and to transmit such information to a user terminal through a network. 
[Claim 2] The server which enciphers and distributes digital information, such as an image and 
voice, and the user terminal which decodes the this enciphered digital information and performs 
various processings are the digital information protective devices in the system which it comes 
to connect through a network. A server A means to save an encryption key while enciphering 
digital information with a common key encryption system, 
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DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to the storage which recorded the program on the 
equipment and its approach list for protecting the copyright at the time of distributing digital 
information (digital contents), such as an image and voice, through a network or CD-ROM. 
[0002] 

[Description of the Prior Art] In recent years, use of the digital contents distributed through the 
network or CD-ROM prospers with high efficiency, such as the explosive spread of the Internet 
suitable for circulation of digital contents, and a personal computer which can perform various 
processings of a display, playback, etc. to digital contents, and high-performance-izing. 
[0003] By the way, since in the case of digital contents quality does not deteriorate even if it 
covers what generation and performs a copy on the property of a digital signal, the infringement 
action of copyrights, such as the so-called illegal copy, that persons other than the user (user) 
of normal use a replica is easy to be performed. 

[0004] Then, when it was going to protect the copyright of contents severely, approaches, such 
as enabling the use, were taken by enciphering with a digital code technique, distributing 
contents, and distributing the cryptographic key which decodes the enciphered contents among 
the user of normal. 
[0005] 

[Problem(s) to be Solved by the Invention] However, since it stored in the header information of 
a field different from the contents generally enciphered about the information which distinguishes 
whether you are the user of the expiration date or normal, i.e., contents, etc. when the contents 
enciphered as mentioned above were distributed and a cryptographic key was distributed among 
the user of normal, there was a fault that a user, the information about the contents concerned, 
etc. are easily removable from a header field, or it could rewrite to another data and an unjust 
action could be performed. Moreover, the cryptographic key distributed before was used, and 
even after the expiration date was completed, there was a fault that the contents concerned 
could be used. 

[0006] The purpose of this invention is to offer the storage which recorded the program on the 
equipment which can protect the copyright of digital contents appropriately, and its approach 
list 
[0007] 

[Means for Solving the Problem] Since the above-mentioned purpose is attained in this 
invention, a third person cannot distinguish easily to the enciphered digital information, and 
easy — non-detachable digital watermarking (it Ogawa-** for example, Takao Nakamura — ) The 
digital-watermarking method in the frequency domain for the protection of copyrights of a Yoichi 
Takashima "digital image" (1997 codes and information security symposium (SCIS97) 26A), Inoue 
** "digital-watermarking" (Maruyama Gakugei Tosho) ""digital-watermarking" keeps multimedia 
age" (the Nikkei electronics — ) Information, such as a class of the digital information concerned 
and creation data, is inserted in 1997, 2-24 (No.683), and a pp.99-124 reference format, and 
digital information is distributed among a user in these formats. Furthermore, the program of the 
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intermediate-language format for interpreting and performing embedded digital-watermarking 
information is prepared. 

[0008] Moreover, the server among which the server which enciphers and distributes digital 
information, such as an image and voice, in order to attain the above-mentioned purpose in this 
invention, and the user terminal which decodes the this enciphered digital information and 
performs various processings distribute digital information in the system which it comes to 
connect through a network saves an encryption key while enciphering the digital information 
distributed among a user with a common key encryption system. 

[0009] A server enciphers the class of digital information, creation data, an expiration date, etc. 
with the private key of the public key cryptosystem of a server, and gives a digital signature 
about the information concerned further, and a third person inserts such information and the 
digital certificate of a server in said enciphered digital information easily in the form of the 
digital-watermarking information which cannot be distinguished. 

[0010] Next, while preparing the program for interpreting and performing digital-watermarking 
information which was described in the intermediate-language format independent of equipment, 
and was inserted, the digital information distributed to a user is created by adding the download 
program for downloading the program concerned from a server to the digital information where 
digital-watermarking information was embedded. 

[001 1] It considers as the digital information created by said server when distributing digital 
information among a user, and when using the digital information as which the user was 
enciphered, a program is downloaded from a server using the download program added to the 
distributed digital information. 

[0012] A user draws up the digital certificate of the self-signature format containing the public 
key of a user name and the key pairs concerned etc. while generating the key pair of a public key 
cryptosystem by performing this downloaded program. The digital-watermarking information 
inserted in the digital information enciphered by performing the program furthermore downloaded 
is taken out, and a digital signature is verified about the class of enciphered digital information 
which took out the public key of a public key cryptosystem about the digital certificate of the 
server in the taken-out information, and was further taken out from digital-watermarking 
information, creation data, an expiration date, etc. 

[0013] Next, the class of enciphered digital information, creation data, an expiration date, etc. a 
user's identifier, the digital certificate of a user's self-signature format, and a user's digital 
signature to such information are transmitted to a server. 

[0014] If a server receives the information from a user, receipt information will verify it in the 
right with the public key picked out from the digital certificate of a user's self^signature format. 
If a verification result is right, a server will be decoded with the private key of the public key 
encryption of the server which saves the enciphered information which is included in receipt 
information, and will verify the class of digital information, creation data, an expiration date, etc. 
about the received information. 

[0015] A digital signature is generated while enciphering with the public key of the user who took 
out the encryption key which was used in order to encipher digital information, if these 
verification results are also right, and which is saved, and picked out this encryption key from 
the digital certificate of a user's sell^signature format included in said receipt information. The 
encryption key information and the digital signature which were enciphered are transmitted to a 
user. 

[0016] If a user receives transmit information, he will verify a digital signature while he decodes 
the encryption key enciphered with the private key corresponding to the digital certificate of a 
sell^signature format using the downloaded program. The digital information enciphered with the 
encryption key decoded when the verification result was right is decoded, and the information 
concerned is processed for a display, printing, etc. 

[0017] Moreover, the result in digital cipher processing, such as a decode result of the digital 
information in a user terminal, all intermediate information, etc. are stored on the storage of the 
volatility of a user terminal. Furthermore, unjust use of digital contents is prevented by canceling 
the data concerned on an volatile store immediately by the user terminal, when termination or a 
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verification result does not have right processing. 

[0018] When according to this invention digital information is distributed on a network and a user 
processes display, playback, etc., the safeguard optimal about the copyright of such digital 
information can be offered. 
[0019] 

[Embodiment of the Invention] Hereafter, the gestalt of operation of this invention is explained 
with reference to a drawing. 

[0020] Drawing 1 shows an example of the gestalt of operation of the digital information 
protection system by this invention, the server to which one creates digital contents, the server 
which distributes among a user the digital contents by which 2 was created by the server 1, and 
3 are terminal units (user terminal) which a user uses among drawing, and these are connected 
in the network which is not illustrated. 

[0021] The outline of this system is explained using drawing 1 . 

[0022] An implementer creates digital contents by the digital contents creation server 1, and the 
creation information about the digital contents and these contents which were created etc. is 
transmitted to the digital contents distribution server 2. About the digital contents which 
received, the digital contents distribution server 2 creates the digital information for distributing 
among a user, and distributes it among a user 3 by making these into the encryption contents 4. 
Distribution to a user may be performed in a network, or you may distribute in the form of a 
medium like CD-ROM. 

[0023] A user 3 transmits the distribution server 2 which transmits predetermined information to 
the distribution server 2 as a request (use demand) 5 to a user 3 by making into the decode 
information 6 the encryption key used in order to inspect the contents, and to encipher digital 
contents if right if a request 5 is received, when using the distributed encryption contents 4. A 
user 3 returns to the original digital contents using the decode information 6, and performs 
processing of a display or printing. 

[0024] These processings are explained to a detail using drawing 2 thru/or drawing 4 . 
[0025] The flow chart which drawing 2 shows the format of the encryption contents 4 in drawing 
1 , and shows processing in case drawing 3 creates the digital contents distributed by the digital 
contents distribution server 2, and drawing 4 are flow charts which show the processing when 
using the distributed digital contents. 

[0026] When creating the information on drawing 2 by the digital contents distribution server 2, 
the encryption key of the common key encryption system for enciphering digital contents is 
generated first, and digital information is enciphered using this encryption key (s11). Next the 
address of the information about these digital contents, i.e., a class, creation data, an expiration 
date, an identification number, an implementer, and the digital contents distribution server 2 etc. 
is enciphered with the public key of the public key cryptosystem of the digital contents 
distribution server 2 (s12). A digital signature is given to the information created by s12 (s13), 
and the alteration of the information in the middle of distribution is prevented. 
[0027] Next, it embeds in the digital-watermarking format which a third person cannot detect to 
the encryption digital contents which drew up the digital certificate of the information about the 
digital contents enciphered by s12, the digital signature created by s13, and the distribution 
server 2 by s1 1 (s14). 

[0028] Moreover, the executive program which, on the other hand, takes out, interprets and 
performs information embedded as digital-watermarking information is prepared in the 
intermediate-language format independent of a model (s1 5). 

[0029] Furthermore, the program for a communication link (download) of the intermediate- 
language format for downloading the program of s15 is created, and it adds to the information on 
s14 (s16). The information created by s16 is distributed among a user (s17). As a distribution 
means, it may carry out electronically using a network, or you may distribute with a gestalt like 
CD-ROM, and the distribution gestalt is not asked. 

[0030] Now, how a user uses the distributed digital information is explained using the flow chart 
of drawing 4 . Here, s21~s28 are processings of a user terminal 3, and s31~s34 are processings 
of the distribution server 2. 
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[0031] A user takes out the intermediate-language program for a communication link for 
performing download shown in drawing 2 from the distributed digital information (s21). Since this 
program is the only added [ merely ] format, a user can take out easily. Moreover, since [ like the 
intermediate-language format independent of a model, for example, a JAVA applet, 1 any models 
can be performed if it has the function to perform an intermediate-language program like JAVA. 
[0032] Now, the executive program prepared by s15 of drawing 3 by the download program taken 
out by s21 is downloaded by the distribution server 2 (s22). Next, while using the executive 
program downloaded by s22 and generating the key pair of the public key and private key for 
users in a public key cryptosystem, the digital certificate of the sell^signature format of having 
signed with its own private key is drawn up (s23). 

[0033] Next, the information embedded with the gestalt of digital watermarking at the distributed 
digital information is taken out by the program downloaded by s22 (s24). 

[0034] With the public key of the public key cryptosystem of the distribution server 2 contained 
in the digital certificate in the taken-out information, the digital signature about the class of said 
enciphered digital contents in the taken-out information, creation data, an expiration date, etc. is 
verified. If a verification result is right, the private key of a user's public key cryptosystem will 
perform a digital signature to information, such as a class of enciphered digital contents, creation 
data, and an expiration date, a user s identifier, and the digital certificate of the self^signature 
format created by s23 which were taken out by s24 (s25). 

[0035] Next, the result which carried out the digital signature to information, such as a class of 
enciphered digital contents, creation data, and an expiration date, the user name, and the digital 
certificate of the self-signature format created by s23 which were taken out by s24 is 
transmitted to the distribution server 2 through a network (s26). 

[0036] The digital signature in the information which two is the public key of a user s public key 
cryptosystem contained in the digital certificate of the sell^signature format in the information 
which it was transmitted and was received, and was this received by the distribution servers26 is 
verified (s31). If the verification result of a digital signature is right, the encryption information 
created by processing of drawing 3 of s12 among the information transmitted by the user will be 
taken out, and it will be decoded with the private key of the public key cryptosystem of the 
distribution server 2 (s32). 

[0037] Verify the class of digital contents, creation data, an expiration date, etc. about the 
decoded information, and if it is right It takes out from the place which has saved the encryption 
key used for enciphering the digital contents itself by s1 1 of drawing 3 (s33). Next, it enciphers 
with the public key of a user's public key cryptosystem contained in the digital certificate of the 
seH^signature format of the user in the information which received this encryption key, a digital 
signature is given further, and such information is transmitted to a user 3 through a network 
(s34). 

[0038] A digital signature is verified while decoding the information with the private key of a 
user's public key cryptosystem, if the information transmitted from the distribution server 2 by 
processing of a user three s34 is received (s27). If the verification result of a digital signature is 
right, it decodes using the encryption key which decoded the digital contents enciphered by s1 1, 
and the result will be displayed on a screen or will be printed (s28). 

[0039] All of these processings in a user terminal 3 are performed and stored on volatile 
memory, and they are not performed on the storage of a non-volatile. Moreover, the time when a 
verification result is unjust, and when interrupting processing for the middle, the condition of 
performing by the user terminal 3, and information are canceled immediately. 
[0040] 

[Effect of the Invention] As explained above, when according to this invention digital information 
is distributed on a network and a user processes display, playback, etc., the check of an 
expiration date etc. is made about such digital information, and unjust use can be prevented. 
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DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] The system configuration Fig. showing an example of the gestalt of operation of this 
invention 

[Drawing 2] The explanatory view showing the format of the enciphered digital contents 
distributed among a user 

[Drawing 3] The processing flow chart of the creation time of digital contents to distribute 
[Drawing 4] The processing flow chart at the time of use of the distributed digital contents 
[Description of Notations] 

1: A digital contents creation server, a 2:digital contents distribution server, 3:user, 4:encryption 
contents, 5:request, 6 : decode information. 
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